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DETAILED ACTION 
Claim Rejections - 35 USC § 103 

1. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-30 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Corneille et al. US 20050073982 in view of Wenzel US 20020034939. 

Regarding claim 1 , Corneille discloses an Application Gateway Module 
suitable for use in a telecommunication system wherein a service network 
authenticates a user and authorizes t he user for accessing a service offered by a 
service provider the Application Gateway Module arranged for application 
messages between the user and the service and for identifying said user and 
said service (paragraph [0122] where the authentication manager require the 
end user to provide a user name and password whenever the end user is 
accessing the service i.e. AAA). Corneille discloses means for obtaining an 
authorization decision on whether the user is allowed to access the service 
(paragraph [0122] where end user to provide a user name and password 
whenever the end user is accessing a MSB business service or business 
application). Corneille discloses the Application Gateway Module comprising 
means for assigning a service session identifier intended to identify those 
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application messages exchanged between the user and the service and that 
belong to a same service delivery authorized f or said user (paragraph [0124] 
information from the session database 118 to determine who the user is 
and what services are being requesting). Corneille discloses means for 
configuring network devices first finite-state machine (SCSM) with a number of 
status intended to identify specific events in service delivery where service 
progression can be controlled (Fig. 42 and paragraph [0103] - configuration of 
mobile device) and means for activating service policies applicable to said 
specific events and resulting in a state transition (paragraph [0159] where service 
is activated). However Cornellie is silent on configuring a first finite-state machine 
(SCSM) with a number of status intended to identify specific events. 

Wenzel teaches configuring a first finite-state machine (SCSM) with a 
number of status intended to identify specific events (paragraph [0025] where 
an AAA server with a database of user profiles and configuration data 
communicates with AAA clients). 

At the time of invention, it would have been obvious to modify the 
invention of Cornellie with the teachings of Wenzel. The motivation would be in 
order to include a table that identifies authorized access terminals, by access 
terminal ID, for access to the network (abstract). 

Regarding claim 2, Wenzel teaches wherein the means for assigning a 
service session identifier include means for initiating a specific instance of the 
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first finite-state machine, said specific instance being identified by the assigned 
service session identifier (paragraph [0038]). 

Regarding claim 3, Cornellie discloses wherein the means for activating 
service policies include means for setting at least one element selected from a 
non-exhaustive list of references and attributes that comprises: a number of 
message field values to match, a number of specific actions to carry out on 
matching, a number of timer values to run, and a number of transactions to 
supervise (paragraph [0221] where transactions are supervised). 

Regarding claim 4, Cornellie discloses wherein the means for activating 
service policies include means for activating a global service policy 
independently of any service delivery in progress (paragraph [0327] - global 
service policy is activated). 

Regarding claim 5, Cornellie discloses wherein the means for activating 
service policies include means for initiating an instance of a global service policy 
to apply as an individual service policy within a specific instance of the first finite- 
state machine, the individual service policy inheriting references and attributes 
from the global service policy (paragraph [0140]). 
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Regarding claim 6, Cornellie discloses means for overwriting references 
and attributes of an individual service policy with new references and attributes 
during a service progression handled within a specific instance of the first finite- 
state machine (paragraph [0185]). 

Regarding claim 7, Cornellie discloses wherein a particular state is 
associated with a number of individual service policies within a specific instance 
of the first finite-state machine, said instance identified by a given service session 
identifier (paragraph [0130] - Session ID Identifier for user session). 

Regarding claim 8, Wenzel teaches wherein the means for obtaining an 
authorization decision include means for requesting a service authorization from 
an Authorization Module (paragraph [0013]). 

Regarding claim 9, Cornellie discloses wherein the means for activating 
service policies include means for receiving from the Authorization Module at 
least one element applicable to set a service policy, the element selected from a 
non-exhaustive list of references and attributes that comprises: a number of 
message field values to match, a number of specific actions to carry out on 
matching, a number of timer values to run, and a number of transactions to 
supervise (paragraph [0130]). 
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Regarding claim 10, Cornellie discloses wherein the means for activating 
service policies includes means for receiving a global service policy from the 
Authorization Module (paragraph [0327]). 

Regarding claim 1 1 , Cornellie discloses means for receiving references 
and attributes from the Authorization Module applicable to overwrite an individual 
service policy with new references and attributes during a service progression 
handled within a specific instance of the first finite-state machine (paragraph 
[0235]). 

Regarding claim 12, Cornellie discloses means for notifying to the 
Authorization Module a specific event in service progression (paragraph [0247]). 

Regarding claim 13, Wenzel teaches means for requesting from the 
Authorization Module a further processing to determine an appropriate action to 
go on with the service progression (paragraph [0030]). 

Regarding claim 14, Cornellie discloses means for receiving from the 
Authorization Module an instruction selected from: access granted without 
restriction, another service to substitute a previous service requested, forced 
logout, and indication of a state transition (paragraph [0032]). 
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Regarding claim 15, Corneille discloses an Authorization Module 
suitable for use in a telecommunication system wherein a service network 
authenticates a user and authorizes t he user for accessing a service offered by a 
service provider the Authorization Module arranged for deciding whether a user 
is allowed to access a service (paragraph [0122] where the authentication 
manager require the end user to provide a user name and password 
whenever the end user is accessing the service i.e. AAA) and having: 
means for receiving a service authorization request from an Application Gateway 
Module (paragraph [0124] where service request is received) and means for 
returning to the Application Gateway Module a response on whether the user is 
granted access to the requested service (paragraph [0122] where end user to 
provide a user name and password whenever the end user is accessing a 
MSB business service or business application). Corneille discloses the 
Authorization Module comprising : means for generating a service session 
identifier intended to correlate those application messages exchanged between 
the user and the service and that belong to a same service delivery authorized 
seal for said user (paragraph [0124] information from the session database 
1 18 to determine who the user is and what services are being requesting). 
Corneille discloses means for configuring network devices with a number of 
status intended to identify specific events in service progression where the 
Authorization Module can act over the Application Gateway Module to control the 
service progression (Fig. 42 and paragraph [0103] - configuration of mobile 
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device): and means for determining service policies applicable to said specific 
events and resulting in a state transition (paragraph [0159] where service is 
activated). However Cornellie is silent on configuring a second finite-state 
machine with a number of status intended to identify specific events in service 
progression. 

Wenzel teaches configuring a second finite-state machine with a number 
of status intended to identify specific events in service progression (paragraph 
[0025] where an AAA server with a database of user profiles and 
configuration data communicates with AAA clients). 

Regarding claim 16, Wenzel teaches wherein the means for generating a 
service session identifier comprise means for including said service session 
identifier in the response to be returned to the Application Gateway Module on 
whether the user is granted access to the requested service (paragraph [0026]). 

Regarding claim 17, Cornellie discloses wherein the means for generating 
a service session identifier includes means for initiating a specific instance of the 
second finite-state machine said specific instance being identified by said service 
session identifier (paragraph [0124]). 

Regarding claim 18, Cornellie discloses wherein a particular state is 
associated with a number of service policies within a specific instance of the 
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second finite- state, said instance identified by a given service session identifier 
(paragraph [0140]). 

Regarding claim 19, combination of above discloses wherein the means 
for determining service policies comprise means for including in the response 
towards the Application Gateway Module at least one information element to 
activate a service policy within a specific state in the Application Gateway 
Module, said at least one information element selected from a non- exhaustive 
listreferences and attributes that comprises: a number of message field values to 
match; a set of actions to carry out on matching a given message field value ; a 
number of new timer values to run; and a number of transactions to supervise 
(see above). 

Regarding claim 20, Cornellie discloses wherein the means for including in 
the response towards the Application Gateway Module at least one information 
element to activate a service policy include means for indicating that this is a 
global service policy to apply independently of any service delivery in progress 
(paragraph [0028]). 

Regarding claim 21, Cornellie discloses comprising means for receiving a 
notification, from an Application Gateway Module, indicating a specific event 
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detected in service progression (paragraph [0143]).. 

Regarding claim 22, Cornellie discloses comprising means for receiving a 
request, from an Application Gateway Module asking for an instruction to 
proceed with a service progression (abstract). 

Regarding claim 23, Cornellie discloses means for sending towards the 
Application Gateway Module an instruction selected from: access granted without 
restriction, another service to substitute a previous service requested, forced log 
out, and indication of a state transition (paragraph [0032]). 

Regarding claim 24, Wenzel teaches means for receiving an application 
message from at least one entity selected from a number of application servers 
and provisioning systems, the application message including a given service 
session identifier intended to identify a specific instance of the second finite- 
state machine in the Authorization Module (paragraph [0038]). 

Regarding claim 25, Corneille discloses a method for authorizing a user of 
a service network to access a service offered by a service server of a service 
provider, the user already authenticated by the service network, the server 
arranged to deliver a service that comprises a plurality of transactions by 
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exchanging a plurality of application messages with the user (paragraph [0122] - 
AAA). Corneille discloses obtaining a first authorization decision on whether the 
user is allowed to access the service (paragraph [0122] where end user to 
provide a user name and password whenever the end user is accessing a 
MSB business service or business application. Corneille discloses generating 
and assigning a service session identifier intended to identify those application 
messages exchanged between the user and the service and that belong to a 
same service delivery authorized f or said user paragraph [0124] information 
from the session database 1 18 to determine who the user is and what 
services are being requesting). Corneille discloses configuring network 
devices with a number of status intended to identify specific events in service 
delivery where service progression can be controlled (Fig. 42 and paragraph 
[0103] - configuration of mobile device) and activating service policies applicable 
to said specific events and resulting in a state transition (paragraph [0159] where 
service is activated). 

However Cornellie is silent on configuring a first finite-state machine with 
a number of status intended to identify specific events. 

Wenzel teaches configuring a first finite-state machine with a number of 
status intended to identify specific events (paragraph [0025] where an AAA 
server with a database of user profiles and configuration data 
communicates with AAA clients). 
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Regarding claim 26, Corneille discloses wherein the step of generating 
and assigning a service session identifier includes a step of initiating a specific 
instance of the at least one finite-state machine said specific instance being 
identified by the assigned service session identifier (paragraph [0124]).. 

Regarding claim 27, Corneille discloses wherein a particular 
state within the specific instance of the at least one finite-state machine is 
associated with a number of service policies (paragraph [0327]. 

Regarding claim 28, Corneille discloses wherein the step of activating 
service policies includes a step of setting at least one element selected from a 
non-exhaustive list of references and attributes that comprises: a number of 
message field values to match, a number of specific actions to carry out on 
matching, a number of timer values to run, and a number of transactions to 
supervise (paragraph [0221] where transactions are supervised).. 
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Regarding claim 29, Corneille discloses a step of receiving at the service 
network an application message originated at an entity selected from: a number 
of service servers of a service provider and a number of entities of a provisioning 
system, the application message including a given service session identifier 
intended to identify a specific instance of the at least one finite-state machine 
(paragraph [0185]). 

Regarding claim 30, Wenzel teaches wherein the step of configuring at 
least one finite-state machine further comprises configuring a first finite-state 
machine in an Application Gateway Module and configuring a second finite-state 
machine in an Authorization Module (paragraph [0025] - configuration data 
communicates with AAA clients). 

Conclusion 

1 . Any inquiry concerning this communication or earlier communications from the 
Examiner should be directed to Amanuel Lebassi, whose telephone number is (571) 
270-5303. The Examiner can normally be reached on Monday-Thursday from 8:00am to 
5:00pm. 

If attempts to reach the Examiner by telephone are unsuccessful, the Examiner's 
supervisor, Nick Corsaro can be reached at (571) 272-7876. The fax phone number for 
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the organization where this application or proceeding is assigned is (571) 273- 
8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free) or 703-305-3028. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist/customer service whose telephone 
number is (571)272-2600. 

Amanuel Lebassi 
/A. L/ 
10/24/2009 

/NICK CORSARO/ 

Supervisory Patent Examiner, Art Unit 2617 



